DevOps.com

  • Latest
    • Articles
    • Features
    • Most Read
    • News
    • News Releases
  • Topics
    • AI
    • Continuous Delivery
    • Continuous Testing
    • Cloud
    • Culture
    • DataOps
    • DevSecOps
    • Enterprise DevOps
    • Leadership Suite
    • DevOps Practice
    • ROELBOB
    • DevOps Toolbox
    • IT as Code
  • Videos/Podcasts
    • Techstrong.tv Podcast
    • Techstrong.tv Video Podcast
    • Techstrong.tv - Twitch
    • DevOps Unbound
  • Webinars
    • Upcoming
    • On-Demand Webinars
  • Library
  • Events
    • Upcoming Events
    • On-Demand Events
  • Sponsored Content
  • Related Sites
    • Techstrong Group
    • Container Journal
    • Security Boulevard
    • Techstrong Research
    • DevOps Chat
    • DevOps Dozen
    • DevOps TV
    • Techstrong TV
    • Techstrong.tv Podcast
    • Techstrong.tv Video Podcast
    • Techstrong.tv - Twitch
  • Media Kit
  • About
  • Sponsor
  • AI
  • Cloud
  • Continuous Delivery
  • Continuous Testing
  • DataOps
  • DevSecOps
  • DevOps Onramp
  • Platform Engineering
  • Low-Code/No-Code
  • IT as Code
  • More
    • Application Performance Management/Monitoring
    • Culture
    • Enterprise DevOps
    • ROELBOB

Home » Blogs » DevOps Toolbox » Can EV Certificates Improve Brand Value and Increase Trust?

Can EV Certificates Improve Brand Value and Increase Trust?

Avatar photoBy: Tony Bradley on June 6, 2018 1 Comment

Most people know the difference between a website that is completely insecure and unencrypted and one that offers an encrypted session for security. You simply look for whether the URL starts with HTTP and the address bar displays an open padlock, or the URL starts with HTTPS and shows a locked padlock. Within the realm of secure websites, though, not all certificates are created equally. An extended validation certificate — EV certificate, for short — provides a more in-depth validation process than other certificates and may foster more trust from customers as well.

Recent Posts By Tony Bradley
  • The Best Approach to Help Developers Build Security into the Pipeline
  • Better Apps and Better Security When You Shift Left
  • The Road Ahead for Security, DevOps Transformation
Avatar photo More from Tony Bradley
Related Posts
  • Can EV Certificates Improve Brand Value and Increase Trust?
  • Survey Finds EV Certificates Impact User Confidence, Revenue
  • Defend Against Phishing Attacks with EV Certificates
    Related Categories
  • Blogs
  • DevOps Toolbox
    Related Topics
  • EV certificates
  • survey
Show more
Show less

The difference between an EV certificate and other certificates lies in the verification required to obtain one. Traditional certificates can be acquired by providing organizational information or verifying admin rights of the target domain. On many occasions, though, attackers have found ways to circumvent or subvert the verification process and obtain fraudulent certificates using those methods. The verification process for an EV certificate requires proof that the requesting entity is, in fact, the legal identity that owns and manages the target domain.

TechStrong Con 2023Sponsorships Available

According to Wikipedia, the vetting process for an EV certificate involves a number of additional validation steps: “These include manual checks of all the domain names requested by the applicant, checks against official government sources, checks against independent information sources, and phone calls to the company to confirm the position of the applicant. If the certificate is accepted, the government-registered serial number of the business as well as the physical address are stored in the EV certificate.”

As attackers have grown more savvy and adapted to the expectation that a website run over HTTPS and have the padlock indicating that it’s secure, they’ve found ways to game the system and create fraudulent or phishing websites that appear to be secure.

Websites with EV certificates show up differently in browsers with EV support, which includes Microsoft Edge, Microsoft Internet Explorer, Mozilla Firefox, Google Chrome and Apple Safari. In most implementations, websites with EV certificates include more advanced details about the website and the entity behind it, such as the name of the company that owns the certificate and a bar or text that is distinct—usually green—for easy visual verification of a valid EV certificate.

We’d like to know more about how important secure websites are to you, and whether you know—or would notice—the difference between a website using a traditional certificate and a website using the more secure EV certificate. Please invest five minutes of your time to take a quick survey and help us learn more about the value of EV certificates when it comes to your level of trust online.

Click here to begin the survey.

— Tony Bradley

Filed Under: Blogs, DevOps Toolbox Tagged With: EV certificates, survey

« Aqua Security Survey Finds Sharp Rise in DevSecOps
Instana Announces First Ai-Powered Monitoring Solution For Aws Lambda; Available On Aws Marketplace »

Techstrong TV – Live

Click full-screen to enable volume control
Watch latest episodes and shows

Upcoming Webinars

Evolution of Transactional Databases
Monday, January 30, 2023 - 3:00 pm EST
Moving Beyond SBOMs to Secure the Software Supply Chain
Tuesday, January 31, 2023 - 11:00 am EST
Achieving Complete Visibility in IT Operations, Analytics, and Security
Wednesday, February 1, 2023 - 11:00 am EST

Sponsored Content

The Google Cloud DevOps Awards: Apply Now!

January 10, 2023 | Brenna Washington

Codenotary Extends Dynamic SBOM Reach to Serverless Computing Platforms

December 9, 2022 | Mike Vizard

Why a Low-Code Platform Should Have Pro-Code Capabilities

March 24, 2021 | Andrew Manby

AWS Well-Architected Framework Elevates Agility

December 17, 2020 | JT Giri

Practical Approaches to Long-Term Cloud-Native Security

December 5, 2019 | Chris Tozzi

Latest from DevOps.com

Stream Big, Think Bigger: Analyze Streaming Data at Scale
January 27, 2023 | Julia Brouillette
What’s Ahead for the Future of Data Streaming?
January 27, 2023 | Danica Fine
The Strategic Product Backlog: Lead, Follow, Watch and Explore
January 26, 2023 | Chad Sands
Atlassian Extends Automation Framework’s Reach
January 26, 2023 | Mike Vizard
Software Supply Chain Security Debt is Increasing: Here’s How To Pay It Off
January 26, 2023 | Bill Doerrfeld

TSTV Podcast

On-Demand Webinars

DevOps.com Webinar ReplaysDevOps.com Webinar Replays

GET THE TOP STORIES OF THE WEEK

Most Read on DevOps.com

What DevOps Needs to Know About ChatGPT
January 24, 2023 | John Willis
Microsoft Outage Outrage: Was it BGP or DNS?
January 25, 2023 | Richi Jennings
Five Great DevOps Job Opportunities
January 23, 2023 | Mike Vizard
Optimizing Cloud Costs for DevOps With AI-Assisted Orchestra...
January 24, 2023 | Marc Hornbeek
A DevSecOps Process for Node.js Projects
January 23, 2023 | Gilad David Maayan
  • Home
  • About DevOps.com
  • Meet our Authors
  • Write for DevOps.com
  • Media Kit
  • Sponsor Info
  • Copyright
  • TOS
  • Privacy Policy

Powered by Techstrong Group, Inc.

© 2023 ·Techstrong Group, Inc.All rights reserved.